Role-based data access, including: assigning, to a storage volume of a storage system, a volume-level access policy; and determining whether to allow access to the storage volume based on the volume-level access policy and one or more attributes of a request for the access, including allowing the access responsive to the one or more attributes meeting the volume-level access policy or denying the access responsive to the one or more attributes failing to meet the volume-level access policy.
Legal claims defining the scope of protection, as filed with the USPTO.
2. The method of claim 1, wherein determining whether to allow access to the storage volume comprises allowing the access responsive to the one or more attributes meeting the volume-level access policy.
3. The method of claim 1, wherein determining whether to allow access to the storage volume comprises denying the access responsive to the one or more attributes failing to meet the volume-level access policy.
4. The method of claim 1, wherein the volume-level access policy indicates one or more geographic access permissions and the one or more attributes comprise a source of the request.
5. The method of claim 1, wherein the volume-level access policy indicates a data sensitivity level and the one or more attributes comprise a security level.
6. The method of claim 1, wherein the volume-level access policy indicates one or more allowable storage operations and the one or more attributes comprise a type of storage operation of the request.
10. The apparatus of claim 9, wherein determining whether to allow access to the storage volume comprises allowing the access responsive to the one or more attributes meeting the volume-level access policy.
11. The apparatus of claim 9, wherein determining whether to allow access to the storage volume comprises denying the access responsive to the one or more attributes failing to meet the volume-level access policy.
12. The apparatus of claim 9, wherein the volume-level access policy indicates one or more geographic access permissions and the one or more attributes comprise a source of the request.
13. The apparatus of claim 9, wherein the volume-level access policy indicates a data sensitivity level and the one or more attributes comprise a security level.
14. The apparatus of claim 9, wherein the volume-level access policy indicates one or more allowable storage operations and the one or more attributes comprise a type of storage operation of the request.
18. The computer program product of claim 17, wherein determining whether to allow access to the storage volume comprises allowing the access responsive to the one or more attributes meeting the volume-level access policy.
19. The computer program product of claim 17, wherein determining whether to allow access to the storage volume comprises denying the access responsive to the one or more attributes failing to meet the volume-level access policy.
20. The computer program product of claim 17, wherein the volume-level access policy indicates one or more geographic access permissions and the one or more attributes comprise a source of the request.
Cooperative Patent Classification codes for this invention. Click any code to explore related patents in that topic.
November 19, 2020
June 13, 2023
Browse 5M+ US patents with plain-English claim translations and AI-generated analysis.